Received: by 2002:ab2:6d45:0:b0:1fb:d597:ff75 with SMTP id d5csp220637lqr; Wed, 5 Jun 2024 04:16:26 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCUFDYfBOJKa7Ae4kWSk/CBmG6OLZzYP0SS5lL+MisOqwVHfxiAw/UPxwwmS1kFi8Mqcoa4YLJB6azvotXJpcLhefM2jsV0++htiCid9iA== X-Google-Smtp-Source: AGHT+IFHrd5ra4xtg5XjskLdRt1rUchfWxqJBfJag6zT3FZOdH1Ftiuj+KyTj6WrNim79S+FV3mH X-Received: by 2002:a05:622a:181d:b0:440:1e02:9e23 with SMTP id d75a77b69052e-4402b6458a1mr21175611cf.42.1717586185877; Wed, 05 Jun 2024 04:16:25 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1717586185; cv=pass; d=google.com; s=arc-20160816; b=EO+Au9MQdV3MDoNNhTrKc3z3x0v3JnucceIp+eV9IsZU+heuYsDGNPwWHMT3qG7dV/ HFj0hMlqSoL8aIeT4R8RhBvr5zpF34FubtfPVGsV4lCcrSQ7e4FT1mkwom79wrkjWFH0 X4NsTBVkTVIT7x3kMRlthKvH77pfCiQbab/kWH4WBjcZQiQyCU+lPt7231+s0SpCT8/T ZygEcksWou5zA3VcgZuEJNn09l6+fqfrcg8ojyogWxEiQFoyq5Gs22Q2JDMmJbjPD/Wa +fMXqNrQdslzDRyGaUWDEN5sxLuMRERa4FKBH5gUDy/s4UEEXieCi24Z9H3rEN0/V231 ia4Q== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:content-disposition:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:message-id:subject:cc :to:from:date:dkim-signature; bh=MyNP/8A3mneC0TU0vkHmFz9QbD6ZPJz2lnq7g0nJwME=; fh=k1a0OgwAJpJs6K/DrlDDqtl5FTq2QiLSX5zDwf5qthk=; b=l7Lh21XGaU9g2LkLgwH/kfzGHPBB8xC38UJFqLvQN9sAN+xNM6cnuwu07UCkMgR7wd OMPHzOWTSgGwB1NmrqX3Cj94Kxh38fDc2DxiQHZumAzN4SfFtl4fEvecu/m4ZcRAJXCc cXgh7Nx+n4+otpVRxx8Y0D4/3zsIqMA5qMudHPuPexxbgiMKjq59+gwqvq1/XUwyN7Yz YirxPFSfYmQmb85FixImIEta09MO8/avKB/S6gpyWlAJTauHaOnVEINAQXXIuzQdCaK8 BOj32fI5iAqU1Zd0i7uKz7yxAp76g4743Tf8dPGz/6irMzUPDyjJ7asbPMqlVpXEakV5 /UXQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@alien8.de header.s=alien8 header.b=asNtDGm0; arc=pass (i=1 spf=pass spfdomain=alien8.de dkim=pass dkdomain=alien8.de dmarc=pass fromdomain=alien8.de); spf=pass (google.com: domain of linux-kernel+bounces-202248-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-202248-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Return-Path: Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id d75a77b69052e-43ff257eb63si123582051cf.392.2024.06.05.04.16.25 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 05 Jun 2024 04:16:25 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-202248-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@alien8.de header.s=alien8 header.b=asNtDGm0; arc=pass (i=1 spf=pass spfdomain=alien8.de dkim=pass dkdomain=alien8.de dmarc=pass fromdomain=alien8.de); spf=pass (google.com: domain of linux-kernel+bounces-202248-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-202248-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=alien8.de Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id E8B161C246CE for ; Wed, 5 Jun 2024 11:16:20 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 1F684192B63; Wed, 5 Jun 2024 11:16:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (4096-bit key) header.d=alien8.de header.i=@alien8.de header.b="asNtDGm0" Received: from mail.alien8.de (mail.alien8.de [65.109.113.108]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A050319148B for ; Wed, 5 Jun 2024 11:16:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=65.109.113.108 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717586166; cv=none; b=lcAo+HXzLYorUIZOW5RyZvDfdjpck4gjNVDIGxQzwPnwYF1EGv0+2LrQCaXP+0x550AlszC7ZGR+qEcqEvvJLTQy2WGWAHJCtI5KB33XEXEqySltq7QG8eZSs08hEhJ3We2gO4S2/MixesxXi+kXjSQVQA17GW6uXQjgQELRDgc= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717586166; c=relaxed/simple; bh=OB4bbDHOpovQgbK+NjxUZFEWt16fgvGMy+LZiN5kFCc=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=SxkLYdNolBfNivhXELwm4fM7w65NAS5Y9UcOhfMZVc6xEfcbrcw1SzmuA2/xEtedxDSC612vtyqV6m07aWivQpIlToPEyQ//M2W2pIGcSLM0LiOR9RYAp2qPl5bksH951mgnDCWyQy/s1PzfNzcd6xLN1Xxpuxp6H4N3YEPbvLk= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=alien8.de; spf=pass smtp.mailfrom=alien8.de; dkim=pass (4096-bit key) header.d=alien8.de header.i=@alien8.de header.b=asNtDGm0; arc=none smtp.client-ip=65.109.113.108 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=alien8.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=alien8.de Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTP id 5CC1E40E0191; Wed, 5 Jun 2024 11:16:02 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at mail.alien8.de Authentication-Results: mail.alien8.de (amavisd-new); dkim=pass (4096-bit key) header.d=alien8.de Received: from mail.alien8.de ([127.0.0.1]) by localhost (mail.alien8.de [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 2MM_uH0b_vZ5; Wed, 5 Jun 2024 11:15:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alien8.de; s=alien8; t=1717586158; bh=MyNP/8A3mneC0TU0vkHmFz9QbD6ZPJz2lnq7g0nJwME=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=asNtDGm0aWrqbbyqfz8gB/pIkAwBrS0jW1fszHDBAAE73YTZ1RXmITordyLpNuAhX tUz7P7b7vWLs+JLMUA35+eo4pHvEJXdcODIEuYvYcNEAP7586+vjckHFwuDboH1ljM OE5XYQzs1qvsg5G4qWvi5TqHshLp5wFVV/fBxmdsChG0uOrJSWAxt17BAD+0TRbTWy ye+MDYoA+c3o8gUTX9RQqa19pNy62l6UKhx+TT1AWuKyorUWYwmnhHQ5sCDFTyxMpV UQwfYaQTey+ui3KYvP+gHOXsKX/n2Nc62GvrjxlA2Y+DEqRE9zk+iPtEZTBnI6SSIt ZGQFLFMOp6qDBWAadS70VF9O8UUJIlmRQ1lFlZybAyEYnhkd5CBWvrtSI3nAHZ/gzm 4Sr/r0cb7UGb/VMo/3bBRtYjavnG1zO6gfSR02K9obmsBgFXoUSziNzeTJJNRER5aX Py1DQa6A1lYwmXiw6mFSSky198TDK0p7NWndsTKW9JDo9+RkmCerytU3W94k7rDZQg IxoiUgrhUHgJDTBSiMzkXxnNyGUSU0v723hRw990dEOJUGPu4JYGi8mta1rgJ6FzXn 4FkfWdMKfAdj5xWNC3fq9Nyno77B4x1ZMMiPutVhTMC5YVy+u5Pk78y9vfPKQ+jSUK xiThwe6cbzf+amDt7WH8S3Ys= Received: from zn.tnic (p5de8ee85.dip0.t-ipconnect.de [93.232.238.133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail.alien8.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id 2559440E016E; Wed, 5 Jun 2024 11:15:29 +0000 (UTC) Date: Wed, 5 Jun 2024 13:15:27 +0200 From: Borislav Petkov To: Ard Biesheuvel Cc: Dave Young , Mike Rapoport , "Kalra, Ashish" , tglx@linutronix.de, mingo@redhat.com, dave.hansen@linux.intel.com, x86@kernel.org, rafael@kernel.org, hpa@zytor.com, peterz@infradead.org, adrian.hunter@intel.com, sathyanarayanan.kuppuswamy@linux.intel.com, jun.nakajima@intel.com, rick.p.edgecombe@intel.com, thomas.lendacky@amd.com, michael.roth@amd.com, seanjc@google.com, kai.huang@intel.com, bhe@redhat.com, kirill.shutemov@linux.intel.com, bdas@redhat.com, vkuznets@redhat.com, dionnaglaze@google.com, anisinha@redhat.com, jroedel@suse.de, kexec@lists.infradead.org, linux-coco@lists.linux.dev, linux-kernel@vger.kernel.org Subject: Re: [PATCH v7 1/3] efi/x86: Fix EFI memory map corruption with kexec Message-ID: <20240605111527.GEZmBIzwpsrai31qWT@fat_crate.local> References: <1ef36309-8d7f-447b-a54a-3cdafeccca64@amd.com> <20240603144639.GCZl3XTwmFHwi-KUZW@fat_crate.local> <20240604094358.GBZl7h3otTCYJ5rkkt@fat_crate.local> <20240604180212.GHZl9WpAfNVERTjMqw@fat_crate.local> <20240605074257.GAZmAXAbkc5TGVds5u@fat_crate.local> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: On Wed, Jun 05, 2024 at 10:17:22AM +0200, Ard Biesheuvel wrote: > I'd argue for the opposite: ideally, the difference between the first > boot and not-the-first-boot should be abstracted away by the > 'bootloader' side of kexec as much as possible, so that the tricky > early startup code doesn't have to be riddled with different code > paths depending on !kexec vs kexec. Well, off and on we end up needing to be able to ask whether the current kernel is kexec-ed. So you need to be able to access that aspect in kernel code - not in the bootloader. Perhaps read it from the bootloader, sure. But see my other mail from just now - it might end up not needing it after all and I'd prefer if we never ever have to ask that question but just from staring at EFI code it reminded me that we do need to ask that question already: if (efi_setup) kexec_enter_virtual_mode(); else __efi_enter_virtual_mode(); *exactly* because of EFI and that virtual_map call nonsense of allowing it only once. And we check efi_setup here because that works. But you can't use that globally. And so on... > TDX is a good case in point here: rather than add more conditionals, > I'd urge to remove them so the TDX startup code doesn't have to care > about the difference at all. If there is anything special that needs > to be done, it belongs in the kexec implementation of the previous > kernel. Sure, but reality is not as easy sometimes. Thx. -- Regards/Gruss, Boris. https://people.kernel.org/tglx/notes-about-netiquette